<?php
require "common.php";
Common::$is_check_login=false;
if((!empty($_POST["loginUsername"]))&&(!empty($_POST["loginPassword"]))){
    $common=new Common();
    $load_seconds=2;
    if (empty($_SESSION["last_login_operation"])){
        $_SESSION["last_login_operation"]=strtotime('-'.$load_seconds.' seconds');
    }
    if ($_SESSION["last_login_operation"]>strtotime('-'.$load_seconds.' seconds')){
        Common::rf("请求频繁！请间隔".$load_seconds."秒");
    }
    $stuid=$common->sqlSafeString($_POST["loginUsername"]);
    $password=$common->sqlSafeString($_POST["loginPassword"]);
    if (!($stuid&&$password)) Common::rf("不得为空");
    $sql="select id,stuid,password from lunwen_user_info where stuid='".$stuid."' and password='".$password."'";
    $query=mysqli_query($common->startMysql(),$sql);
    $info_arr=mysqli_fetch_array($query,MYSQLI_ASSOC);
    $_SESSION["last_login_operation"]=strtotime('now');
    if (!$info_arr) Common::rf("用户或密码错误");
    $common->session_restart();
    $_SESSION['stuid']=$stuid;
    $_SESSION['id']=$info_arr['id'];
    $sql="SELECT * FROM lunwen_yuanfile WHERE user_info_id='".$info_arr['id']."' and blokType='stuid';";
    $query=mysqli_query($common->startMysql(),$sql);
    $yuanfile_stuid_arr=mysqli_fetch_array($query,MYSQLI_ASSOC);
    if (!$yuanfile_stuid_arr){
        $sql="INSERT INTO `lunwen_yuanfile` (`user_info_id`, `stuid`, `d0`, `d1`, `d2`, `d3`, `blokType`, `区块类型`, `正文标题`, `正文内容`) VALUES ('".$_SESSION["id"]."', '".$_SESSION['stuid']."', '0', '0', '0', '0', 'stuid', '学号', '', '".$_SESSION['stuid']."')";
        mysqli_query($common->startMysql(),$sql);
    }
    Common::rs("成功","./info.html");
}else{
    Common::rf("参数异常");
}